Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Join the FabCon + SQLCon recap series. Up next: Power BI, Real-Time Intelligence, IQ and AI, and Data Factory take center stage. All sessions are available on-demand after the live show. Register now

Reply
RustyO
Frequent Visitor

Row Level Security (RLS) not working. Specific domain / Email addresses?

‎06-12-2022 05:57 PM

Hi All,

 

I have identified anomalies when attempting to apply Row Level Security to specific email addresses only. This is across three domains [ .com | .com.au | .co.uk ]

 

To replicate the scenario I created a simple test / proof of concept. One table. One Security Role. One Measure.

 

The Security Users table is sourced from an Excel workbook. Seven email addresses across the three domains:

 

15545 Microsoft 0010.png

 

I have created a single role called Security. This is applied to the Security Users table as [Principal] = USERPRINCIPALNAME()

 

15545 Microsoft 0020.png

 

I have created a measure to sanity check: mUserPrincipalName = USERPRINCIPALNAME()

 

Desktop Row Level Security logic works as expected. "View As" etc. Publishes to the service fine.

 

All email addresses are valid in the service, have been added to the Security group:

 

15545 Microsoft 0030.png

 

The problem:

 

  • The .com (#4) and .com.au (#1 & #2) addresses work as expected.
  • The .co.uk (#3, #5 & #6) addresses do not work as expected, all data is shown. 

 

Naturally this leads to the idea that it is a domain specific issue, but not sure where to look?

 

Any adivce would be appreciated.

 

Thanks in advance.

 

 

Labels:
Message 1 of 2
427 Views
0
1 REPLY 1
Tutu_in_YYC
Super User
Super User

‎06-13-2022 03:02 PM

The only way RLS is overwritten if the users are members in the workspace and have one of these following roles:
1-admin

2-member

3-contributor


If they are assigned with any of these, RLS will show everything. Can you check if they are members of the workspace? They could also be hidden in a security group.

Message 2 of 2
360 Views
0

Helpful resources

Announcements
April Power BI Update Carousel

Power BI Monthly Update - April 2026

Check out the April 2026 Power BI update to learn about new features.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

FabCon and SQLCon Highlights Carousel

FabCon &SQLCon Highlights

Experience the highlights from FabCon & SQLCon, available live and on-demand starting April 14th.

View All